HIMSS Study Reveals PHI Breaches Are On The Rise

A recent study from HIMSS Analytics and Kroll Advisory Solutions found that medical organizations are far behind with respect to having sound privacy protections in place. The study along with data from The Office for Civil Rights (OCR), the department within The U.S. Department of Health and Human Services (HHS) responsible for enforcing the HIPAA Privacy and Security Rules shows that over the last few years, protected health information (PHI) breaches are increasing at an alarming rate.

Brian Lapidus, Senior Vice President for Kroll Advisory Solutions is quoted in the article link below saying, “But feeling like one is in adherence with policy prescriptions is not the same as actually protecting personal health information (PHI).”

At Environmental Intelligence, we could not agree more. There is so much more to effectively managing the security of an enterprise network from the risk of PHI breaches than just simply deploying a security architecture.

“I wouldn’t be so quick to give a pass because people are busy,” he says. “Then that could be the universal excuse for everything. There is a responsibility for these organizations to protect patient data.”

Mr. Lapidus is spot on with his comments. The real question is how can medical organizations effectively mitigate the risks of PHI breaches?

An effective way for medical organizations to manage the responsibility of protecting patients data is to partner with an outside Health IT firm that can support the staff in the development, implementation, and monitoring of a comprehensive data security strategy, policy and routines. Organizations that choose to partner with an outside firm with data security expertise will have the benefit of having an unbiased view of internal systems and processes. This line of sight provides medical organizations with the real-time information necessary to effectively identify vulnerabilities and mitigate security threats to patients PHI data. This is far more effective than the tendency for internal IT teams to look at security strategy and develop a check-the-box solution.

Reality is clinicians and administrative teams are busy focusing on their number one priority – providing the absolute best care to their patients and we believe that’s the way it should be.

Frank J. Rosello

is CEO & Co-Founder of Environmental Intelligence LLC.

Environmental Intelligence, LLC, is a complete, full-service healthcare IT solution provider. With a team having more than 10 years of proven clinical expertise in delivering end-to-end health IT solutions, Environmental Intelligence provides medical practices and facilities onsite expert IT consulting, installation, and implementation that is focused on physicians, their patients, and the quality of their care.